Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,239
Erlang
31
GitHub Actions
21
Go
2,007
Maven
5,000+
npm
3,716
NuGet
662
pip
3,388
Pub
11
RubyGems
885
Rust
851
Swift
36
Unreviewed advisories
All unreviewed
5,000+

44 advisories

Loading
A condition for session fixation vulnerability [CWE-384] in the session management of FortiWeb... Critical Unreviewed
CVE-2021-42761 was published Feb 16, 2023
Session fixation vulnerability in Jenkins Bitbucket OAuth Plugin Critical
CVE-2023-24427 was published for org.jenkins-ci.plugins:bitbucket-oauth (Maven) Jan 26, 2023
Trendnet AC2600 TEW-827DRU version 2.08B01 contains a flaw in the session management for the... Critical Unreviewed
CVE-2021-20151 was published Dec 31, 2021
/bin/login.php in the Web Panel on the Airtame HDMI dongle with firmware before 3.0 allows an... Critical Unreviewed
CVE-2017-15304 was published May 17, 2022
VMware vRealize Automation (vRA) prior to 7.4.0 contains a vulnerability in the handling of... Critical Unreviewed
CVE-2018-6959 was published May 14, 2022
An issue was discovered on TP-Link TL-WR840N v5 00000005 0.9.1 3.16 v0001.0 Build 170608 Rel... Critical Unreviewed
CVE-2018-11714 was published May 14, 2022
The application was vulnerable to a session fixation that could be used hijack accounts. Critical Unreviewed
CVE-2022-40293 was published Nov 1, 2022
Gogs 0.11.66 allows remote code execution because it does not properly validate session IDs, as... Critical Unreviewed
CVE-2018-18925 was published May 14, 2022
DbNinja 3.2.7 allows session fixation via the data.php sessid parameter. Critical Unreviewed
CVE-2019-7747 was published May 14, 2022
VMware vCloud Director for Service Providers 9.5.x prior to 9.5.0.3 update resolves a Remote... Critical Unreviewed
CVE-2019-5523 was published May 14, 2022
Session fixation vulnerability in Apache2Triad 1.5.4 allows remote attackers to hijack web... Critical Unreviewed
CVE-2017-12965 was published May 14, 2022
Session cookies are not used for maintaining valid sessions in iTrack Easy. The user's password... Critical Unreviewed
CVE-2016-6545 was published May 13, 2022
Revive Adserver before 3.2.3 suffers from session fixation, by allowing arbitrary session... Critical Unreviewed
CVE-2016-9125 was published May 13, 2022
Session fixation vulnerability in the web interface in McAfee Network Security Manager (NSM)... Critical Unreviewed
CVE-2017-3968 was published May 13, 2022
VMware Workspace ONE Assist prior to 22.10 contains a Session fixation vulnerability. A malicious... Critical Unreviewed
CVE-2022-31689 was published Nov 10, 2022
Session fixation vulnerability in D-Link DIR-600L routers (rev. Ax) with firmware before FW1.17... Critical Unreviewed
CVE-2016-10405 was published May 24, 2022
IBM QRadar SIEM 7.3, 7.4, and 7.5 in some situations may not automatically log users out after... Critical Unreviewed
CVE-2021-38869 was published Apr 28, 2022
This vulnerability exists in Tacitine Firewall, all versions of EN6200-PRIME QUAD-35 and EN6200... Critical Unreviewed
CVE-2022-40630 was published Sep 25, 2022
Session fixation vulnerability in Unit4 Polska TETA Web (formerly TETA Galactica) 22.62.3.4 and... Critical Unreviewed
CVE-2015-1174 was published May 17, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database